Vida Ahmadi Mehri, Dragos Ilie and Kurt Tutschku

IoT systems are increasingly composed out of flexible, programmable, virtualised, and arbitrarily chained IoT elements and services using portable code. Moreover, they might be sliced, i.e. allowing multiple logical IoT systems (network + application) to run on top of a shared physical network and compute infrastructure. However, implementing and designing particularly security mechanisms for such IoT systems is challenging since a) promising technologies are still maturing, and b) the relationships among the many requirements, technologies and components are difficult to model a-priori.

The aim of the paper is to define design cues for the security architecture and mechanisms of future, virtualised, arbitrarily chained, and eventually sliced IoT systems. Hereby, our focus is laid on the authorisation and authentication of user and host, as well as on code integrity in these virtualised systems. The design cues are derived from the design and implementation of a secure virtual environment for distributed and collaborative AI system engineering using so called AI pipelines. The pipelines apply chained virtual elements and services and facilitate the slicing of the system. The virtual environment is denoted for short as the virtual premise (VP). The use-case of the VP for AI design provides insight into the complex interactions in the architecture, leading us to believe that the VP concept can be generalised to the IoT systems mentioned above. In addition, the use-case permits to derive, implement, and test solutions. This paper describes the flexible architecture of the VP and the design and implementation of access and execution control in virtual and containerised environments.

View More Papers

Security Analysis against Spoofing Attacks for Distributed UAVs

Kyo Hyun Kim (University of Illinois at Urbana-Champaign, USA); Siddhartha Nalluri (Duke University, USA); Ashish Kashinath (University of Illinois at Urbana-Champaign, USA); Yu Wang (Duke University, USA); Sibin Mohan (University of Illinois at Urbana-Champaign, USA); Miroslav Pajic (Duke University, USA); Bo Li (University of Illinois at Urbana-Champaign, USA)

Read More

Mining Threat Intelligence from Billion-scale SSH Brute-Force Attacks

Yuming Wu, Phuong Cao (University of Illinois at Urbana Champaign, USA); Alexander Withers (National Center for Supercomputing Application, USA); Zbigniew Kalbarczyk and Ravishankar Iyer (University of Illinois at Urbana Champaign, USA)

Read More

Proof-of-Authentication for Private Distributed Ledger

Zhiyi Zhang, Vishrant Vasavada, Randy King and Lixia Zhang

Read More